User Guide
Table Of Contents
- Cisco Wireless ISR and HWIC Access Point Configuration Guide
- Contents
- Preface
- Overview
- Configuring Radio Settings
- Enabling the Radio Interface
- Roles in Radio Network
- Configuring Network or Fallback Role
- Universal Client Mode
- Configuring Universal Client Mode
- Configuring Radio Data Rates
- Configuring Radio Transmit Power
- Configuring Radio Channel Settings
- Enabling and Disabling World Mode
- Enabling and Disabling Short Radio Preambles
- Configuring Transmit and Receive Antennas
- Disabling and Enabling Access Point Extensions
- Configuring the Ethernet Encapsulation Transformation Method
- Enabling and Disabling Reliable Multicast to Workgroup Bridges
- Enabling and Disabling Public Secure Packet Forwarding
- Configuring Beacon Period and DTIM
- Configuring RTS Threshold and Retries
- Configuring Maximum Data Retries
- Configuring Fragmentation Threshold
- Enabling Short Slot Time for 802.11g Radios
- Performing a Carrier Busy Test
- Configuring Multiple SSIDs
- Configuring an Access Point as a Local Authenticator
- Understand Local Authentication
- Configure a Local Authenticator
- Guidelines for Local Authenticators
- Configuration Overview
- Configuring the Local Authenticator Access Point
- Configuring Other Access Points to Use the Local Authenticator
- Configuring EAP-FAST Settings
- Limiting the Local Authenticator to One Authentication Type
- Unblocking Locked Usernames
- Viewing Local Authenticator Statistics
- Using Debug Messages
- Configuring Encryption Types
- Configuring Authentication Types
- Configuring RADIUS Servers
- Configuring and Enabling RADIUS
- Understanding RADIUS
- RADIUS Operation
- Configuring RADIUS
- Default RADIUS Configuration
- Identifying the RADIUS Server Host
- Configuring RADIUS Login Authentication
- Defining AAA Server Groups
- Configuring RADIUS Authorization for User Privileged Access and Network Services
- Starting RADIUS Accounting
- Selecting the CSID Format
- Configuring Settings for All RADIUS Servers
- Configuring the Access Point to Use Vendor-Specific RADIUS Attributes
- Configuring the Access Point for Vendor-Proprietary RADIUS Server Communication
- Configuring WISPr RADIUS Attributes
- Displaying the RADIUS Configuration
- RADIUS Attributes Sent by the Access Point
- Configuring and Enabling RADIUS
- Configuring VLANs
- Configuring QoS
- Channel Settings
- Protocol Filters
- Supported MIBs
- Error and Event Messages
- Glossary
- Index
5-4
Cisco Wireless ISR and HWIC Access Point Configuration Guide
OL-6415-04
Chapter 5 Configuring Encryption Types
Configure Encryption Types
This example shows how to create a 128-bit WEP key in slot 3 for VLAN 22 and sets the key as the
transmit key:
router# configure terminal
router(config)# interface dot11radio 0
router(config-if)# encryption vlan 22 key 3 size 128 12345678901234567890123456
transmit-key
router(config-ssid)# end
WEP Key Restrictions
Table 5-1 lists WEP key restrictions based on your security configuration.
Step 3
encryption
[vlan vlan-id]
key 1-4
size { 40 | 128 } encryption-key
[ 0 | 7 ]
[transmit-key]
Create a WEP key and set up its properties.
• (Optional) Select the VLAN for which you want to create
a key.
• Name the key slot in which this WEP key resides. You can
assign up to 4 WEP keys for each VLAN.
• Enter the key and set the size of the key, either 40-bit or
128-bit. 40-bit keys contain 10 hexadecimal digits; 128-bit
keys contain 26 hexadecimal digits.
• (Optional) Specify whether the key is encrypted (7) or
unencrypted (0).
• (Optional) Set this key as the transmit key. The key in slot
1 is the transmit key by default.
Note Using security features such as authenticated key
management can limit WEP key configurations. See the
“WEP Key Restrictions” section on page 5-4 for a list
of features that impact WEP keys.
Step 4
end Return to privileged EXEC mode.
Step 5
copy running-config startup-config (Optional) Save your entries in the configuration file.
Command Purpose
Ta b l e 5-1 WEP Key Restrictions
Security Configuration WEP Key Restriction
WPA authenticated key management Cannot configure a WEP key in key slot 1
LEAP or EAP authentication Cannot configure a WEP key in key slot 4
Cipher suite with 40-bit WEP Cannot configure a 128-bit key
Cipher suite with 128-bit WEP Cannot configure a 40-bit key
Cipher suite with TKIP Cannot configure any WEP keys